notepad.pw Open in urlscan Pro
151.139.128.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://notepad.pw/
Effective URL:
https://notepad.pw/v23u9ue1
Submission Tags: falconsandbox
Submission: On December 11 via api (December 11th 2020, 7:49:25 pm UTC) from US

Summary HTTP 97 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 40 IPs in 6 countries across 27 domains to perform 97 HTTP transactions. The main IP is 151.139.128.11, located in Dallas, United States and belongs to HIGHWINDS3, US. The main domain is notepad.pw.
TLS certificate: Issued by Sectigo ECC Domain Validation Secure ... on November 15th 2020. Valid for: 3 months.

This is the only time notepad.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	68.183.157.211 68.183.157.211	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE)
7	2606:4700:20:... 2606:4700:20::ac43:443c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
1	35.188.71.214 35.188.71.214	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3031::681b:8143	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
5	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
4	52.28.154.93 52.28.154.93	16509 (AMAZON-02) (AMAZON-02)
2	213.19.162.41 213.19.162.41	26667 (RUBICONPR...) (RUBICONPROJECT)
4	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
2	184.31.84.150 184.31.84.150	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	18.159.79.175 18.159.79.175	16509 (AMAZON-02) (AMAZON-02)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1 3	2.19.34.195 2.19.34.195	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:210... 2600:9000:2104:e400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
3	35.226.36.58 35.226.36.58	15169 (GOOGLE) (GOOGLE)
3	185.29.135.190 185.29.135.190	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	138.201.63.116 138.201.63.116	24940 (HETZNER-AS) (HETZNER-AS)
1	104.75.88.223 104.75.88.223	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
1	52.30.8.231 52.30.8.231	16509 (AMAZON-02) (AMAZON-02)
3	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.75.88.214 104.75.88.214	16625 (AKAMAI-AS) (AKAMAI-AS)
1	184.30.212.16 184.30.212.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
3 3	52.58.45.227 52.58.45.227	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
97	40

9 151.139.128.11 (Dallas, United States) 1 redirects

ASN20446 (HIGHWINDS3, US)

notepad.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.183.157.211 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: server1.wpcc.io

wpcc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::ac43:443c (United States)

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.71.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.71.188.35.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3031::681b:8143 (United States)

ASN13335 (CLOUDFLARENET, US)

live.notepad.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.28.154.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-154-93.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.162.41 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.89 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.31.84.150 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.159.79.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-79-175.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.34.195 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-19-34-195.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:e400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fe6652ef2e3a92d3253354306c7a34a9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.226.36.58 (United States)

ASN15169 (GOOGLE, US)
PTR: 58.36.226.35.bc.googleusercontent.com

c.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.135.190 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.116 (Heppenheim an der Bergstrasse, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.223 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-223.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.130.102.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

hal900012.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.8.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-8-231.eu-west-1.compute.amazonaws.com

affiliate.salestring.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-92.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.214 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-214.deploy.static.akamaitechnologies.com

aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.212.16 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.58.45.227 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-45-227.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	notepad.pw 1 redirects notepad.pw live.notepad.pw	56 KB
11	pub.network a.pub.network d.pub.network c.pub.network	315 KB
9	cloudflare.com cdnjs.cloudflare.com	204 KB
8	googlesyndication.com fe6652ef2e3a92d3253354306c7a34a9.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	13 KB
6	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com aktrack.pubmatic.com	2 KB
6	bidswitch.net 3 redirects grid.bidswitch.net x.bidswitch.net	2 KB
6	adnxs.com ib.adnxs.com acdn.adnxs.com	5 KB
5	doubleclick.net securepubads.g.doubleclick.net	118 KB
4	redintelligence.net 1 redirects hal9000.redintelligence.net hal900012.redintelligence.net	6 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	sharethrough.com btlr.sharethrough.com	437 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com	3 KB
3	googletagservices.com www.googletagservices.com	76 KB
2	indexww.com js-sec.indexww.com
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	casalemedia.com htlb.casalemedia.com	732 B
2	google-analytics.com www.google-analytics.com	19 KB
2	gstatic.com fonts.gstatic.com	20 KB
2	wpcc.io wpcc.io	5 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	835 B
1	salestring.com affiliate.salestring.com	2 KB
1	google.com adservice.google.com	169 B
1	google.de adservice.google.de	169 B
1	quantcount.com rules.quantcount.com	1 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	googleapis.com fonts.googleapis.com	803 B
97	27

	Domain	Requested by
9	cdnjs.cloudflare.com	notepad.pw cdnjs.cloudflare.com
9	notepad.pw	1 redirects notepad.pw
7	a.pub.network	notepad.pw a.pub.network securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	www.googletagservices.com notepad.pw
4	ib.adnxs.com	notepad.pw
4	btlr.sharethrough.com	notepad.pw
4	live.notepad.pw	notepad.pw
3	x.bidswitch.net	3 redirects
3	ads.pubmatic.com	notepad.pw a.pub.network
3	hal900012.redintelligence.net	1 redirects notepad.pw hal900012.redintelligence.net
3	tags.mathtag.com	a.pub.network tags.mathtag.com
3	c.pub.network	notepad.pw
3	pagead2.googlesyndication.com	notepad.pw
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects a.pub.network
3	grid.bidswitch.net	notepad.pw
3	www.googletagservices.com	a.pub.network securepubads.g.doubleclick.net
2	acdn.adnxs.com	a.pub.network
2	js-sec.indexww.com	a.pub.network
2	fe6652ef2e3a92d3253354306c7a34a9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	hbopenbid.pubmatic.com	notepad.pw
2	htlb.casalemedia.com	notepad.pw
2	fastlane.rubiconproject.com	notepad.pw
2	www.google-analytics.com	www.googletagmanager.com notepad.pw
2	fonts.gstatic.com	fonts.googleapis.com
2	wpcc.io	notepad.pw
1	pr-bh.ybp.yahoo.com	1 redirects
1	eus.rubiconproject.com	a.pub.network
1	aktrack.pubmatic.com	notepad.pw
1	affiliate.salestring.com	notepad.pw
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	notepad.pw
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	pixel.quantserve.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	a.pub.network
1	d.pub.network	notepad.pw
1	www.googletagmanager.com	notepad.pw
1	fonts.googleapis.com	notepad.pw
97	40

This site contains links to these domains. Also see Links.

Domain
www.internetcookies.org
freestar.com
notepad-static.s3.amazonaws.com
about.notepad.pw
www.facebook.com
twitter.com
reddit.com

Subject Issuer	Validity	Valid
notepad.pw Sectigo ECC Domain Validation Secure Server CA	`2020-11-15` - `2021-02-13`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
wpcc.io Sectigo RSA Domain Validation Secure Server CA	`2020-06-22` - `2021-06-22`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.pub.network Go Daddy Secure Certificate Authority - G2	`2020-03-17` - `2021-05-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2020-06-24` - `2021-02-17`	8 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
grid.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-15` - `2021-10-23`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
redintelligence.net Let's Encrypt Authority X3	`2020-10-20` - `2021-01-18`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
affiliate.salestring.com Amazon	`2020-01-17` - `2021-02-17`	a year	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh

This page contains 15 frames:

Primary Page: https://notepad.pw/v23u9ue1
Frame ID: 02F1AB8DD246965B829A1708E8ED5F14
Requests: 71 HTTP requests in this frame

Frame: https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=iu
Frame ID: 4B9183A9C3F2DD8AF1D80F344F5CE781
Requests: 3 HTTP requests in this frame

Frame: https://fe6652ef2e3a92d3253354306c7a34a9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 68B893109442B9DC7A5A7FF755853944
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 09054592B4E517DD39DFB4B4C86852C7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxeHf8PH_D-m7Od_CqLV5VkcAkKeTiAiDWTtW0OaPbg2TFUTXxpAlTEJE3sv2WURXwgByk1-uYOxIVQ93OK2ENFsV3FgyBEDCMhWu_xDdEmWp8g9uH2jg3ccPS7m_p0j2xmjZ_CNPK9RbLuUIZhigqUthmNKLIL25clg_hg3U5UUzKNQUSlA-gzzb7pATTb9yr0j5qENFUr8UX54g6nXVbC_XWN9DkckgZIkSOmOLdWCkj_JeFRzRE_2HZ4L7xWuJs5mJhs9Jr1KovBQFW1PsMPT513swT5zo-jQPvKWU&sai=AMfl-YTupBKdazD7Av77ckUNY5OzppNAcSioOPOEz2uSo2cwFYFjM0-QT04pMcAHvqF2Qy0BAp0R3jHXBk4FrD1iN9RA1rx3I4eJI4bw3W24rVMYsMfSLxwGqCzTEr87h48&sig=Cg0ArKJSzEeGl4HD_FBTEAE&urlfix=1&adurl=
Frame ID: 05C3061FEED943DDD678B0C54358B373
Requests: 13 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=13043500169880201039536011440012&a=bfa36b4d
Frame ID: 2EAF8994E20F31CBCB077AE81AA705C4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7C0D8ECC22F45573C772100D1B35BFD2
Requests: 1 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325177&adType=10&adServerId=243&kefact=0.127107&kaxefact=0.127107&kadNetFrequecy=0&kadwidth=468&kadheight=60&kadsizeid=8&kltstamp=1607716150&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.141230&dcId=3&tldId=61471032&passback=0&svr=BID22362U&adsver=_4098858076&adsabzcid=0&ekefact=Ns3TX4SYDQDVjJNZJRJbA2CGpzLKWQcnZwo2LLSEBq9qoxbg&ekaxefact=Ns3TX5WYDQD2B8FuF61BJ7txFTKp9FVURmspoa9VTosODbTS&ekpbmtpfact=Ns3TX6KYDQC2xibzCzD3MDwLq9BqB28_geAxaLjG_AKF55fH&crID=6798639&lpu=soberberlin.com&ucrid=12036948830137356740&campaignId=16735&creativeId=0&pctr=0.000000&wDSPByrId=101936&wDspId=27&wbId=3&wrId=0&wAdvID=985929&wDspCampId=669191&isRTB=1&rtbId=445CB085-4BAE-4D2A-BA89-E1A8FE688A25&imprId=9F3E0642-C69A-43F2-87C7-6068FB93FE93&oid=9F3E0642-C69A-43F2-87C7-6068FB93FE93&cntryId=60&domain=notepad.pw&pageURL=https%3A%2F%2Fnotepad.pw%2Fv23u9ue1&sec=1&pAuSt=2
Frame ID: 8A63D8DA4DE698DE5C8D117608A66386
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 66D2A85CEB7CE3276BB822F8F7289D4A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D47F3F59C56D3E41626BDE21762BB49E
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6A12C5D1482BC4C5D030DFF6C167835A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 30D7EF604B058278BBF5E98694673ACC
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 386DA4863D6B8377BF23FE80A52192D0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 36193F86A21CFB03B4E2C3F1051732F8
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4488CD0C52384080EBE6BE7733DFAC6F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://notepad.pw/ HTTP 307
https://notepad.pw/v23u9ue1 Page URL

Detected technologies

Fireblade (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /fbs/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+ionicons(?:\.min)?\.css/i

Page Statistics

97
Requests

100 %
HTTPS

44 %
IPv6

27
Domains

40
Subdomains

40
IPs

6
Countries

898 kB
Transfer

2550 kB
Size

10
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.internetcookies.org/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://freestar.com/?utm_medium=display
Title:

Search URL Search Domain Scan URL

URL: https://notepad-static.s3.amazonaws.com/Notepad.pw+Terms+of+Use.pdf
Title: Terms

Search URL Search Domain Scan URL

URL: https://about.notepad.pw/
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://notepad.pw/share/54l71zd8c

Search URL Search Domain Scan URL

URL: http://twitter.com/share?text=notepad.pw&url=https://notepad.pw/share/54l71zd8c

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://notepad.pw/share/54l71zd8c&title=notepad.pw

Search URL Search Domain Scan URL

URL: https://freestar.com/?utm_medium=stickyFooter
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://notepad.pw/ HTTP 307
https://notepad.pw/v23u9ue1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1607716150794&ns_c=UTF-8&cv=3.5&c8=notepad.pw%20%2F%20v23u9ue1%20%7C%20The%20napkin%20of%20the%20internet.&c7=https%3A%2F%2Fnotepad.pw%2Fv23u9ue1&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1607716150794&ns_c=UTF-8&cv=3.5&c8=notepad.pw%20%2F%20v23u9ue1%20%7C%20The%20napkin%20of%20the%20internet.&c7=https%3A%2F%2Fnotepad.pw%2Fv23u9ue1&c9=&cs_ak_ss=1

Request Chain 80

https://hal900012.redintelligence.net/request.php?zone=xxexut2w4pav&nw=20&renderingType=javascript&namespace=1fb06232f2&subid=&uid=897dadd3dee42e39&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1679689473829802550%26mt_id%3D6798639%26mt_adid%3D216536%26mt_sid%3D4728557%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D88685fd3-cd37-4301-b743-49945b42ab4a%26mt_3pck%3Dhttps%253A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjY5NiZzaXRlSWQ9MjY5ODg1JmFkSWQ9MTMyNTE3NyZrYWRzaXplaWQ9OCZ0bGRJZD02MTQ3MTAzMiZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xMjAzNjk0ODgzMDEzNzM1Njc0MCZhZFNlcnZlcklkPTI0MyZpbXBpZD05RjNFMDY0Mi1DNjlBLTQzRjItODdDNy02MDY4RkI5M0ZFOTMmcGFzc2JhY2s9MA%253D%253D_url%253D%26redirect%3D&documentReferer=https%3A%2F%2Fnotepad.pw%2Fv23u9ue1&ancestorOrigins=https%3A%2F%2Fnotepad.pw&random=7089550616379&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900012.redintelligence.net/request.php?zone=xxexut2w4pav&nw=20&renderingType=javascript&namespace=1fb06232f2&subid=&uid=897dadd3dee42e39&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1679689473829802550%26mt_id%3D6798639%26mt_adid%3D216536%26mt_sid%3D4728557%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D88685fd3-cd37-4301-b743-49945b42ab4a%26mt_3pck%3Dhttps%253A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjY5NiZzaXRlSWQ9MjY5ODg1JmFkSWQ9MTMyNTE3NyZrYWRzaXplaWQ9OCZ0bGRJZD02MTQ3MTAzMiZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xMjAzNjk0ODgzMDEzNzM1Njc0MCZhZFNlcnZlcklkPTI0MyZpbXBpZD05RjNFMDY0Mi1DNjlBLTQzRjItODdDNy02MDY4RkI5M0ZFOTMmcGFzc2JhY2s9MA%253D%253D_url%253D%26redirect%3D&documentReferer=https%3A%2F%2Fnotepad.pw%2Fv23u9ue1&ancestorOrigins=https%3A%2F%2Fnotepad.pw&random=7089550616379&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 97

https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid HTTP 302
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=themediagrid&ssp_user_id=3b8cc201-5f43-4d1e-9514-2c7e4044b675 HTTP 302
https://x.bidswitch.net/sync?dsp_id=74&&user_id=180896947&expires=5&ssp=themediagrid HTTP 302
https://grid.bidswitch.net/getuids?bsw_uid=3b8cc201-5f43-4d1e-9514-2c7e4044b675&ssp_custom_data=

97 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request v23u9ue1 Show response
notepad.pw/
Redirect Chain

https://notepad.pw/
https://notepad.pw/v23u9ue1

30 KB
13 KB

294ms
294ms

Document
text/html

151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://notepad.pw/v23u9ue1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: 88122f4fe15edd7940e143d930d530eaa17da50254ba71b5dbf7b771fe1f1211

Request headers

:method: GET
:authority: notepad.pw
:scheme: https
:path: /v23u9ue1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SPSI=2e29c5a8ee6ac20e18c523e37122d569; SPSE=3WuzRHd9RJVHvJUWpxQYsfr/qMYUfi8ova0Fhcmjo3rbMraP+o8l2k3K5hazvlQUcG4ZUTdyp82Sa5g17mT4OA==; spcsrf=bfe8ab3958a7598246d4f129cb6d5191; UTGv2=D-h41fc216f248195a4a8bf663cd916586ff23; pad_cookie=7e2cbd139a45d6cffd75faf92d905e4d9926899d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:08 GMT
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
set-cookie: spcsrf=8cab0346433b11a512330ee1e98f6084; path=/; SameSite=Strict; HttpOnly; expires=Fri, 11-Dec-20 21:49:08 GMT UTGv2=D-h468f19c4063ec27e5f02b2170f256696c78; path=/; expires=Sat, 11-Dec-21 19:49:08 GMT sp_lit=zIOppAa1o3sjTY6yTOL4kQ==; path=/; SameSite=Strict; HttpOnly; expires=Fri, 11-Dec-20 19:54:08 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: fbs
access-control-allow-origin: *
x-hw: 1607716148.cds068.sk1.hn,1607716148.cds206.sk1.sc,1607716148.cdn2-redis02-arn1.stackpath.systems.-.wx,1607716148.cds206.sk1.p

Redirect headers

date: Fri, 11 Dec 2020 19:49:08 GMT
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
set-cookie: SPSI=2e29c5a8ee6ac20e18c523e37122d569; path=/; HttpOnly; SPSE=3WuzRHd9RJVHvJUWpxQYsfr/qMYUfi8ova0Fhcmjo3rbMraP+o8l2k3K5hazvlQUcG4ZUTdyp82Sa5g17mT4OA==; path=/; HttpOnly; spcsrf=bfe8ab3958a7598246d4f129cb6d5191; path=/; SameSite=Strict; HttpOnly; expires=Fri, 11-Dec-20 21:49:07 GMT adOtr=obsvl; path=/; expires=Thu, 2 Aug 2001 20:47:11 UTC UTGv2=D-h41fc216f248195a4a8bf663cd916586ff23; path=/; expires=Sat, 11-Dec-21 19:49:07 GMT pad_cookie=7e2cbd139a45d6cffd75faf92d905e4d9926899d; expires=Fri, 11-Dec-2020 21:50:31 GMT; Max-Age=7200; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
location: https://notepad.pw/v23u9ue1
server: fbs
access-control-allow-origin: *
x-hw: 1607716147.cds068.sk1.hn,1607716147.cds015.sk1.sc,1607716148.cdn2-wafbe02-arn1.stackpath.systems.-.wx,1607716148.cds015.sk1.p

GET
H2 200 css
fonts.googleapis.com/ 5 KB
803 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51839cd54fbd59d491d731aa9f28bf46a0c44fd332a461e267e2e61c247adf1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 19:13:19 GMT
server: ESF
date: Fri, 11 Dec 2020 19:49:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Dec 2020 19:49:08 GMT

GET
H2 200 global.css
notepad.pw/content/css/ 6 KB
2 KB 298ms
297ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://notepad.pw/content/css/global.css?229
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: 2b60310189012686567c541c72a40acf74adb416bdc524008822d6c7c73ccd97

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:08 GMT
content-encoding: gzip
last-modified: Mon, 02 Oct 2017 03:48:05 GMT
server: fbs
etag: "59d1b6f5-1821"
x-hw: 1607716148.cds068.sk1.hn,1607716148.cds020.sk1.sc,1607716148.cdn2-redis01-arn1.stackpath.systems.-.wx,1607716148.cds020.sk1.p
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/6.0.0/ 2 KB
1 KB 15ms
14ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/6.0.0/normalize.min.css

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55b731aa03064189b7abca9931deb7b844c75d7664aacecc1356c4bc0635c4af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 804154
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 742
cf-request-id: 06f4f2ac8a00000eb368be9000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-8a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q884qw47sJ%2FPH0no1bEO0rnz7KuQUEdZHFeGWHVI1Obj9FBnx8%2BgsxlqjZbCsdZFVnKjva6cQ5DxrK2f5Mfb1cabs1KQyA3xXV8vubroiYS0IGWg8Fu16eLOf0Rhe7fxPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6001ba274c480eb3-FRA
expires: Wed, 01 Dec 2021 19:49:08 GMT

GET
H2 200 ionicons.min.css
cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ 50 KB
7 KB 16ms
15ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 150765
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6642
cf-request-id: 06f4f2ac8a00000eb34ab4d000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ea8-c854"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iWaiVr1F46er5RVTYKhSfIAqwfUghXECIvXMhbCTh%2FqlL7luE40Mrs6oJlSlz6F%2FHGWo3qnT0nltlHAiZ3Hc9SsoOce5F7IpKRM018HceupaI0IVfZfPz4TPB2bwZVQYaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6001ba274c4a0eb3-FRA
expires: Wed, 01 Dec 2021 19:49:08 GMT

GET
H2 200 logo-dark.png
notepad.pw/content/images/ 22 KB
22 KB 455ms
454ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notepad.pw/content/images/logo-dark.png
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: 560ee8213cda78828e88fbcbe2fbe6d3337d563384ea57d344ce3e3559da1dda

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:09 GMT
last-modified: Thu, 30 Aug 2018 21:59:20 GMT
server: fbs
etag: "5b8868b8-57f4"
x-hw: 1607716148.cds068.sk1.hn,1607716148.cds224.sk1.sc,1607716149.cdn2-wafbe01-arn1.stackpath.systems.-.wx,1607716149.cds224.sk1.p
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 22516

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/ 82 KB
26 KB 12ms
11ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 152139
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26646
cf-request-id: 06f4f2ac9d00000eb312283000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1499c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PzPXvg4cOuWvQL%2FfdNK2Bvstg1u0kgWtkfyRn8CrAPDN7wITIgx1fc8ET51hawF0cO3agxp4XKAX%2B4uaHiP3RBJplvkk%2F7PxARu3qw3RRTEgVeLq9khuAdOtQYpKZW1yRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6001ba276c860eb3-FRA
expires: Wed, 01 Dec 2021 19:49:08 GMT

GET
H2 200 angular.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/ 156 KB
49 KB 15ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular.min.js

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 668317
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49420
cf-request-id: 06f4f2acaf00000eb374305000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d27-27130"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BbDxGQJ%2B1ktVegZtelqfbsi1cIlRwJYQ12Uyr3W0IhbtRobuWuPWWnxpzKb%2BNaYosTAkyqafKTI7lqwvcrdHloYC35%2BQJPcJgS43GkZJVN%2FU17JY0Vt2kr%2FWgBXM7wC7pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6001ba277cd40eb3-FRA
expires: Wed, 01 Dec 2021 19:49:08 GMT

GET
H2 200 angular-cookies.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/ 1 KB
1002 B 19ms
19ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-cookies.min.js

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f79dfaabb417f7b777458a24663c5075dd1e56026e20578a0d74568b3c762375

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 804164
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 677
cf-request-id: 06f4f2acc500000eb31f386000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d27-5a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fP5XP%2BmosqQZ%2FS9ufmztbwvtxgDc898Uvg3eBPaCvzE9Vo8a0xYf3v9mGoWDtjMe%2BPHC4cqO7a7B9Hi546S5FaRPd755Knl%2BGnketp%2F0Cvq84LfUGJbxB9Wy93oXvwZAMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6001ba279d1c0eb3-FRA
expires: Wed, 01 Dec 2021 19:49:08 GMT

GET
H2 200 socket.io.min.js Show response
cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/ 68 KB
19 KB 14ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/socket.io.min.js

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

888b41bb493f82bc787b507deee35df8a9dca32d9f59e5e4434334bb04aa1e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 81616
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19101
cf-request-id: 06f4f2acd900000eb3febd8000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-10ec3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SwkRyZh81ZtzYXmgpGsf4kUt2H8JO1uiaMsK519zjXGEwmnOKiOpa7rlGNtOypQgyH1yGSaOGfrFbNA4NYB1iSXrd9xKTyr5T%2F%2BCTRZ9xlfhjWjoj3d1XIcKCdPJoJt9Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6001ba27cd7b0eb3-FRA
expires: Wed, 01 Dec 2021 19:49:08 GMT

GET
H2 200 app.min.js Show response
notepad.pw/content/js/ 8 KB
3 KB 286ms
286ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://notepad.pw/content/js/app.min.js?366
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: c9c41579990e491b31185c662e701facbcd6dab9ec0b06edef8feec2f981812e

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:08 GMT
content-encoding: gzip
last-modified: Thu, 30 Aug 2018 22:33:49 GMT
server: fbs
etag: "5b8870cd-2089"
x-hw: 1607716148.cds068.sk1.hn,1607716148.cds013.sk1.sc,1607716148.cdn2-redis01-arn1.stackpath.systems.-.wx,1607716148.cds013.sk1.p
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 store.min.js Show response
cdnjs.cloudflare.com/ajax/libs/store.js/1.3.20/ 3 KB
1 KB 31ms
31ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/store.js/1.3.20/store.min.js

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d23807344428eec21271b708fcf73919827e568b0a335989f9f2348ae4356bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 804151
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 994
cf-request-id: 06f4f2adb700000eb31d250000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fdc-a35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q76ridR1qj%2Fggg67XWthr3IegH702qZoWxUFVP2ZsZq3MX73sfdoQ10GGJCdykAEZdYKBcBpXmR%2BJem5BBRX42yDIWKffTRbSqcgEpi7fW2lesJ85Gra5XtzA1GBhlhDPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6001ba2929340eb3-FRA
expires: Wed, 01 Dec 2021 19:49:08 GMT

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/ 11 KB
3 KB 29ms
27ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/clipboard.min.js

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 81562
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3005
cf-request-id: 06f4f2adbc00000eb36d2eb000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-2aa5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QTbds53xGyekl1GodzZCY5cYLf00vHO7SMkvOOspnbCuVkKFhTQsoCyKOJ7YrENyE9qoohkzXTBk57meTV94KW3IU0LURZkZWUQBeXYZ%2FbYoydSWhb24PQG0v5%2FYYtYmhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6001ba29294e0eb3-FRA
expires: Wed, 01 Dec 2021 19:49:08 GMT

GET
H2 200 cookieconsent.min.css
wpcc.io/lib/1.0.2/ 4 KB
2 KB 388ms
119ms Stylesheet
text/css 68.183.157.211
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://wpcc.io/lib/1.0.2/cookieconsent.min.css

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.183.157.211 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

server1.wpcc.io

Software

nginx /

Resource Hash

119351ced3134718cb42591e513ff063cf04af7c2734b137c666ee62e137e15d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:08 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Apr 2019 15:44:29 GMT
server: nginx
etag: W/"5ca777dd-fbe"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=2592000, no-cache, public, must-revalidate, proxy-revalidate
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Sun, 10 Jan 2021 19:49:08 GMT

GET
H2 200 cookieconsent.min.js Show response
wpcc.io/lib/1.0.2/ 9 KB
4 KB 389ms
120ms Script
application/javascript 68.183.157.211
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://wpcc.io/lib/1.0.2/cookieconsent.min.js

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.183.157.211 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

server1.wpcc.io

Software

nginx /

Resource Hash

6a168e2ddae4d655f0e9793c98406ed886956b7f54544b88a1b9d279fe8b242f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:08 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Aug 2020 00:22:01 GMT
server: nginx
etag: W/"5f29fba9-226a"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000, no-cache, public, must-revalidate, proxy-revalidate
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Sun, 10 Jan 2021 19:49:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-153530698-1

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc96014302a0a9371a22e1c59b74e69b0884fc59cb01d9be2f04e935a40ad8d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39019
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Dec 2020 19:49:08 GMT

GET
H2 200 pubfig.min.js Show response
a.pub.network/notepad-pw/ 156 KB
44 KB 136ms
111ms Script
application/javascript 2606:4700:20::ac43:443c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/notepad-pw/pubfig.min.js
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8945a372bd035bcde76a46960f89387757117ede66d87665d486307e959aa3c2

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=ijKK9w==, md5=a+xjiymGpQI3kwCCn1WUwg==
date: Fri, 11 Dec 2020 19:49:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABg5-Uxjj7CE7U-dTAdLwThJpbdQL3UU-GyoX3XGfasbhxdkMhSmfkzpHIErG6hgVAsPAJMBMFfHH8MIzoQRpkN3Kkw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
cf-request-id: 06f4f2add20000979cd4892000000001
last-modified: Wed, 09 Dec 2020 23:44:34 GMT
server: cloudflare
etag: W/"6bec638b2986a502379300829f5594c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FcpFXuJPMyDhZ8c%2Bb3AJrrnNNGgkd2NSR2K5N%2BcH%2BGqlbdd81pbO2Ib%2BR6IzST59dWzVfVcZsSLAuxO6R%2BQznCBAB8hpSadu6QNE5wZyyXTpQi4WA5rwSqzO"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1607557474882112
cache-control: public, max-age=1800
x-goog-stored-content-length: 159698
cf-ray: 6001ba294b11979c-FRA
expires: Thu, 10 Dec 2020 22:54:12 GMT

GET
H2 200 / Show response
notepad.pw/sbbi/ Frame 4B91 25 KB
11 KB 42ms
41ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=iu&sbbgs=h468f19c4063ec27e5f02b2170f256696c78&ddl=1
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: e644918f46ad5f284f6e605915254615e5d72212d37717b0abb2d62dc5deaa5f

Request headers

:method: GET
:authority: notepad.pw
:scheme: https
:path: /sbbi/?sbbpg=sbbShell&gprid=iu&sbbgs=h468f19c4063ec27e5f02b2170f256696c78&ddl=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://notepad.pw/v23u9ue1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SPSI=2e29c5a8ee6ac20e18c523e37122d569; SPSE=3WuzRHd9RJVHvJUWpxQYsfr/qMYUfi8ova0Fhcmjo3rbMraP+o8l2k3K5hazvlQUcG4ZUTdyp82Sa5g17mT4OA==; pad_cookie=7e2cbd139a45d6cffd75faf92d905e4d9926899d; spcsrf=8cab0346433b11a512330ee1e98f6084; sp_lit=zIOppAa1o3sjTY6yTOL4kQ==; PRLST=iu; UTGv2=h468f19c4063ec27e5f02b2170f256696c78
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://notepad.pw/v23u9ue1

Response headers

date: Fri, 11 Dec 2020 19:49:08 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
access-control-allow-origin: *
x-hw: 1607716148.cds068.sk1.hn,1607716148.cds028.sk1.sc,1607716148.cdn2-wafbe02-arn1.stackpath.systems.-.i,1607716148.cds028.sk1.p

GET
H2 200 /
notepad.pw/sbbi/ 43 B
260 B 40ms
39ms Image
image/gif 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notepad.pw/sbbi/?sbbpg=utMedia&vii=2he42698cf51a98ce4e066a3ce2c02e71e85cf50223be23177102f22d5566699k6icm7q8
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
x-accel-expires: 0
date: Fri, 11 Dec 2020 19:49:08 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
server: fbs
x-hw: 1607716148.cds068.sk1.hn,1607716148.cds023.sk1.sc,1607716148.cdn2-wafbe03-arn1.stackpath.systems.-.i,1607716148.cds023.sk1.p
content-type: image/gif

GET
H2 200 ionicons.ttf
cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/fonts/ 184 KB
96 KB 28ms
28ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c5b6bb603a4f7556b94532674f3847b430b9495afbb3a4dcfe5ba718baa59ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://notepad.pw
Referer: https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 80207
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 97438
cf-request-id: 06f4f2adce00003248b60de000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ea8-2e05c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AADCwDZXLLkyuM0KLRwpsXEW3hDBW8XrZM1bb2fMqOFOLleIUr4%2Fnu6bNH%2BoxvMUX%2BXMxH%2BiNJEfELUv7r44sWcH%2FqP7MztAeeTZF4TzXFTRzI21zNqKuH2pTuTYmnvosg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6001ba294e4f3248-FRA
expires: Wed, 01 Dec 2021 19:49:08 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v11/ 10 KB
10 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v11/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://notepad.pw
Referer: https://fonts.googleapis.com/css?family=Noto+Sans:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:30:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 23:50:56 GMT
server: sffe
age: 177525
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10292
x-xss-protection: 0
expires: Thu, 09 Dec 2021 18:30:23 GMT

GET
H/1.1 200
OK init Show response
d.pub.network/ 147 B
580 B 636ms
156ms XHR
application/json 35.188.71.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/init?key=1413undefined
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: 20eb2c3737cddca09f056e566396d83aab10de8824984c5684247345e995edc4

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://notepad.pw
Date: Fri, 11 Dec 2020 19:49:09 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding: chunked
Content-Type: application/json

GET
H2 200 / Show response
live.notepad.pw/socket.io/ 101 B
769 B 289ms
257ms XHR
application/octet-stream 2606:4700:3031::681b:8143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=NPJMPZk
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47088d1f026b7b32bd3fae708cec565eeb77fe0268191e2bd18ab4e120add310

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:09 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ETZT8nCtViX2ttOfnHwVfL0%2FeVAcKk7dmnF%2FqWJ%2BjWI5DvM22%2BXho9U0jLCuprP%2FH65zv7Cjdrgh9S%2BCIjbbRnzqKLCC6aLh9sKv7V0PdmNPUewYxIsf9wCWV%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: https://notepad.pw
access-control-allow-credentials: true
cf-ray: 6001ba2e88432b4d-FRA
content-length: 101
cf-request-id: 06f4f2b11200002b4db7805000000001

GET
H3-Q050 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
fonts.gstatic.com/s/notosans/v11/ 10 KB
10 KB 35ms
20ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v11/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://notepad.pw
Referer: https://fonts.googleapis.com/css?family=Noto+Sans:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 03:59:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 23:58:43 GMT
server: sffe
age: 402587
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10116
x-xss-protection: 0
expires: Tue, 07 Dec 2021 03:59:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153530698-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3559
date: Fri, 11 Dec 2020 18:49:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 11 Dec 2020 20:49:50 GMT

GET
H2 200 / Show response
live.notepad.pw/socket.io/ 5 B
314 B 257ms
257ms XHR
application/octet-stream 2606:4700:3031::681b:8143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=NPJMPh4&sid=hI-GutsEruZ-8Mv5ABb_
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:10 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8IQG5QRTzy5O8p9sxd89FB%2F0Is7OsY2vyBVYphkk3Lck3xQAIga%2B%2FinV5ghOgwhPFKDWUFYabiUjRvD3veVbYIIT1oOVXc5cSNBxRSmiNozmi5Wz%2BgGxk3XA13Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: https://notepad.pw
access-control-allow-credentials: true
cf-ray: 6001ba313f1f2b4d-FRA
content-length: 5
cf-request-id: 06f4f2b2d800002b4dd7aba000000001

GET
H2 200 pubfig.engine.4.2.6.3a13c17c01a1249715b4629cbd5788d1957c57f7.js Show response
a.pub.network/core/pubfig/ 286 KB
79 KB 49ms
48ms Script
text/javascript 2606:4700:20::ac43:443c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/pubfig/pubfig.engine.4.2.6.3a13c17c01a1249715b4629cbd5788d1957c57f7.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/notepad-pw/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e132a71fb17a9ff708845e4ad37d2901cd3ea4a7985df57a1078bc49253055d8

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=eizVow==, md5=kE1hYnBjeTLgF5pbll8+sA==
date: Fri, 11 Dec 2020 19:49:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABg5-UyFqCsc9_vqHzdDkxkydoS1_UoRsz_lwlPjwHIrvA-wQLFc-Kvqw6sfDNTunOCmUUAgAlWeZigJkNl-BmGhNk1Q8-eqHA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
cf-request-id: 06f4f2b3900000979cd53c9000000001
last-modified: Fri, 04 Dec 2020 20:00:46 GMT
server: cloudflare
etag: W/"904d616270637932e0179a5b965f3eb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v8XrWeIkAphQCHbQdi72weGJwci7nVKTHh9FgmkRVf2x0y64qDDogsXxlddp5dnG6mg0JX9Rb0egNtwdzUi5MGhOh%2Fgon6f1stED%2BI0rPWx1yevyEhFPhH2V"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1607112046324671
cache-control: public, max-age=3600
x-goog-stored-content-length: 292999
cf-ray: 6001ba327a6e979c-FRA
expires: Thu, 10 Dec 2020 23:46:05 GMT

POST
H2 200 / Show response
live.notepad.pw/socket.io/ 2 B
299 B 145ms
145ms XHR
text/html 2606:4700:3031::681b:8143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=NPJMPla&sid=hI-GutsEruZ-8Mv5ABb_
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

date: Fri, 11 Dec 2020 19:49:10 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6001ba330c032b4d-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5VOq3d89GuoYE%2FgRlKc0po%2FjcNQjvEikX4agvuPDY12b5Um3dpWt3ztI0TcrTNWnxOfkp%2FrGwNPvXHl00mgV7kklPPCuQFffWx13WbHFFy69cHk3KD3yJQR5C8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: https://notepad.pw
access-control-allow-credentials: true
content-encoding: br
cf-request-id: 06f4f2b3e700002b4dd40ba000000001

GET
H2 200 / Show response
live.notepad.pw/socket.io/ 4 B
291 B 300ms
300ms XHR
application/octet-stream 2606:4700:3031::681b:8143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=NPJMPlb&sid=hI-GutsEruZ-8Mv5ABb_
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:10 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rxpXbLJNyQfxvdIBKt1XCik%2B2FWBtXZjtixh%2Bb7bcRVx%2FRVswfERnFCOJUjsGYeft3%2BJp9TZQYMq8fUsOuWajhIELZS9eTkkkidFgbkEhAqfc1ISIU2YlUQQBJc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: https://notepad.pw
access-control-allow-credentials: true
cf-ray: 6001ba330c052b4d-FRA
content-length: 4
cf-request-id: 06f4f2b3e700002b4dbc90e000000001

POST
H2 200 / Show response
notepad.pw/sbbi/ Frame 4B91 516 B
483 B 40ms
40ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=iu&sbbgs=h468f19c4063ec27e5f02b2170f256696c78&ddl=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b

Request headers

:method: POST
:authority: notepad.pw
:scheme: https
:path: /sbbi/?sbbpg=sbbShell&gprid=iu&sbbgs=h468f19c4063ec27e5f02b2170f256696c78&ddl=1
content-length: 663
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://notepad.pw
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=iu&sbbgs=h468f19c4063ec27e5f02b2170f256696c78&ddl=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SPSI=2e29c5a8ee6ac20e18c523e37122d569; SPSE=3WuzRHd9RJVHvJUWpxQYsfr/qMYUfi8ova0Fhcmjo3rbMraP+o8l2k3K5hazvlQUcG4ZUTdyp82Sa5g17mT4OA==; pad_cookie=7e2cbd139a45d6cffd75faf92d905e4d9926899d; spcsrf=8cab0346433b11a512330ee1e98f6084; sp_lit=zIOppAa1o3sjTY6yTOL4kQ==; PRLST=iu; UTGv2=h468f19c4063ec27e5f02b2170f256696c78; adOtr=c9e5282ea6e; fsbotchecked=true; typography=%7B%22sp_class%22%3A%22not-active%22%7D; __cfduid=dfd027eaef012f5382f79b16f2b2aa0851607716149; _fsloc=?i=DK&c=Copenhagen&s=84
Upgrade-Insecure-Requests: 1
Origin: https://notepad.pw
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=iu&sbbgs=h468f19c4063ec27e5f02b2170f256696c78&ddl=1

Response headers

date: Fri, 11 Dec 2020 19:49:10 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
access-control-allow-origin: *
x-hw: 1607716150.cds068.sk1.hn,1607716150.cds024.sk1.sc,1607716150.cdn2-wafbe04-arn1.stackpath.systems.-.i,1607716150.cds024.sk1.p

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
63 B 13ms
13ms XHR
text/plain 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=956019173&t=pageview&_s=1&dl=https%3A%2F%2Fnotepad.pw%2Fv23u9ue1&ul=en-us&de=UTF-8&dt=notepad.pw%20%2F%20v23u9ue1%20%7C%20The%20napkin%20of%20the%20internet.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1495778672&gjid=1543020148&cid=327612199.1607716150&tid=UA-153530698-1&_gid=1505560070.1607716150&_r=1&gtm=2oubu0&z=1602408246

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 19:49:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://notepad.pw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 55 KB
19 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.2.6.3a13c17c01a1249715b4629cbd5788d1957c57f7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

683f82e1b4301ed42243e333fba87ced6b4f31a113e130d49a016c5cb43fa52b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "721 / 36 of 1000 / last-modified: 1607689179"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18933
x-xss-protection: 0
expires: Fri, 11 Dec 2020 19:49:10 GMT

GET
H2 200 prebid-analytics-4.10.0.js Show response
a.pub.network/core/ 413 KB
123 KB 35ms
34ms Script
text/html 2606:4700:20::ac43:443c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/prebid-analytics-4.10.0.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.2.6.3a13c17c01a1249715b4629cbd5788d1957c57f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dbaab8f472717f5f659cb28deb326df6d4b858bf1025c84f366a808798c1587

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=JH7wqQ==, md5=99s/gqDS63NRL9sZf88ibQ==
date: Fri, 11 Dec 2020 19:49:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABg5-UwV_BV_vYmzJCIfxj-g_9W8vGMNqPoMJHTZRBoOqOh6YfiZF0qEo7vMIpJS0PIVWWkvnWwc9egpxo48flk39a2od-lgrw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
content-type: text/html
cf-request-id: 06f4f2b43e0000979cd48fc000000001
last-modified: Mon, 05 Oct 2020 20:56:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Op5S%2Bf3jB03fU3faAmhkFd586DKlhxuUQdWpdEB%2BBqzJ8zDlyU9vsJtJF00ylqeBiFRitXRYjtQtSmr4nAuC9jArQthv2F0pWZon0HukAek4TkHfSHqsjdxx"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1601931411309627
cache-control: private, max-age=86400
x-goog-stored-content-length: 422619
cf-ray: 6001ba339b65979c-FRA
expires: Fri, 10 Dec 2021 22:46:06 GMT

GET
H2 200 / Show response
notepad.pw/sbbi/ Frame 4B91 7 KB
3 KB 48ms
48ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=iu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: 4286cdf1d0f9389e2db53ecd1c36680725399965e919c24070c3b034ba5c2925

Request headers

:method: GET
:authority: notepad.pw
:scheme: https
:path: /sbbi/?sbbpg=sbbShell&gprid=iu
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=iu&sbbgs=h468f19c4063ec27e5f02b2170f256696c78&ddl=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SPSI=2e29c5a8ee6ac20e18c523e37122d569; SPSE=3WuzRHd9RJVHvJUWpxQYsfr/qMYUfi8ova0Fhcmjo3rbMraP+o8l2k3K5hazvlQUcG4ZUTdyp82Sa5g17mT4OA==; pad_cookie=7e2cbd139a45d6cffd75faf92d905e4d9926899d; spcsrf=8cab0346433b11a512330ee1e98f6084; sp_lit=zIOppAa1o3sjTY6yTOL4kQ==; PRLST=iu; UTGv2=h468f19c4063ec27e5f02b2170f256696c78; adOtr=c9e5282ea6e; fsbotchecked=true; typography=%7B%22sp_class%22%3A%22not-active%22%7D; __cfduid=dfd027eaef012f5382f79b16f2b2aa0851607716149; _fsloc=?i=DK&c=Copenhagen&s=84; _ga=GA1.2.327612199.1607716150; _gid=GA1.2.1505560070.1607716150; _gat_gtag_UA_153530698_1=1; _fssid=a41e0ba9-879c-4ade-a6f1-6ef593f5e0b1; fssts=false
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=iu&sbbgs=h468f19c4063ec27e5f02b2170f256696c78&ddl=1

Response headers

date: Fri, 11 Dec 2020 19:49:10 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
access-control-allow-origin: *
x-hw: 1607716150.cds068.sk1.hn,1607716150.cds209.sk1.sc,1607716150.cdn2-redis02-arn1.stackpath.systems.-.i,1607716150.cds209.sk1.p

GET
H2 200 pubads_impl_2020120301.js Show response
securepubads.g.doubleclick.net/gpt/ 279 KB
99 KB 160ms
54ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

dc3842d1ad8fde688d7b47fb100be5a4bcf18b97af2dd23d02dbb3713f6d520b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Dec 2020 09:42:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100510
x-xss-protection: 0
expires: Fri, 11 Dec 2020 19:49:10 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
109 B 141ms
69ms XHR
text/plain 52.28.154.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=231915b8ed5a21&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.10.0&strVersion=3.2.1&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%221413%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.154.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-154-93.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://notepad.pw
date: Fri, 11 Dec 2020 19:49:10 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
110 B 120ms
48ms XHR
text/plain 52.28.154.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&bidId=3fe978a95a6775&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.10.0&strVersion=3.2.1&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%221413%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.154.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-154-93.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://notepad.pw
date: Fri, 11 Dec 2020 19:49:10 GMT
access-control-allow-credentials: true
vary: Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
2 KB 240ms
129ms XHR
application/json 213.19.162.41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1498292&size_id=2&alt_size_ids=55%2C221&rp_schain=1.0,1!freestar.io,1413,1,,,&rf=https%3A%2F%2Fnotepad.pw%2Fv23u9ue1&tk_flint=pbjs_lite_v4.10.0&x_source.tid=a60ce603-7e34-4833-8ed3-3d850cb8d36e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.45436339730119224
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a6d69484fd7cc37394e484041508958fbf33bfe2bd3e7215e1314f2bf4f64827

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 19:49:10 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://notepad.pw
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 169ms
91ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

9b52a6fb42cac8d1e5a98b0b89ce761b945a1dcc6bc77fb5a3163f871f02e0cf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 19:49:10 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.240:80
AN-X-Request-Uuid: 9d147f1f-e81c-4148-b189-f6481bef9ac7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://notepad.pw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 23 B
365 B 145ms
68ms XHR
application/json 184.31.84.150
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=538329&v=7.2&r=%7B%22id%22%3A%22824e3cfa39f49%22%2C%22imp%22%3A%5B%7B%22id%22%3A%229aa8f43910cb55%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538329%22%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2210fdf496e730bb9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538329%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22116664d6623e512%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538329%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnotepad.pw%2Fv23u9ue1%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%221413%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0fd2878ca2ca74756ba04304b9737be4bf7727a7eb2dec9e75eb67731aaf00f1

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 19:49:10 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DK], RC:[], CN:[EU], CIP:[82.102.20.235], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://notepad.pw
x-cs-client-geo: 10
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 43
x-ak-client-geo: 10
expires: Fri, 11 Dec 2020 19:49:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 141ms
66ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b44056f8f4ac197247e228ba4b91011d9513b2e93a489bc3775affd0464ace20

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 19:49:10 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.43:80
AN-X-Request-Uuid: 17249a0e-8476-4033-97bb-d0c1e7886e1b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://notepad.pw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 2 B
369 B 160ms
54ms XHR
application/json 18.159.79.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.79.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-79-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 11 Dec 2020 19:49:10 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://notepad.pw
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=UTF-8
Content-Length: 2

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
112 B 162ms
89ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://notepad.pw
date: Fri, 11 Dec 2020 19:49:10 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 30ms
10ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.2.6.3a13c17c01a1249715b4629cbd5788d1957c57f7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:10 GMT
content-encoding: gzip
etag: "8q1rat7Mm9i+FVcOidF8/g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 18 Dec 2020 19:49:10 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 98ms
30ms Script
application/x-javascript 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.2.6.3a13c17c01a1249715b4629cbd5788d1957c57f7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Dec 2020 19:49:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sat, 12 Dec 2020 19:49:10 GMT

GET
H2 200 fslogo-green.svg
a.pub.network/core/imgs/ 1 KB
1 KB 35ms
34ms Image
image/svg+xml 2606:4700:20::ac43:443c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.pub.network/core/imgs/fslogo-green.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
date: Fri, 11 Dec 2020 19:49:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABg5-UxCWrZl4PhX9St20dw5qNe-Tbdgz_G6l7DeSO59MCZzBohROUIuwaqpQLWpNO2OsbeJ5NsyEbHwosVNq05mu6Y
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: image/svg+xml
cf-request-id: 06f4f2b5a80000979cce1c0000000001
last-modified: Tue, 08 Sep 2020 17:04:37 GMT
server: cloudflare
etag: W/"326d6cbd977657e1205bd616d1f2faca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sAEgkdi5m6TNOCutvx0K30q%2BAx8YJzLd%2FQ1iQxrlxX84bGVg%2F5iKiepvbiwcf%2FI87HtduusceYMLr3fOJ%2F7Rmsa94Xl1m7rqvjussSl%2FXibyjIMBHODUZ%2BY1"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1599584677716817
cache-control: public, max-age=3600
x-goog-stored-content-length: 1193
cf-ray: 6001ba35dd84979c-FRA
expires: Fri, 11 Dec 2020 20:46:34 GMT

GET
H2 200 rules-p-UeXruRVtZz7w6.js Show response
rules.quantcount.com/ 2 KB
1 KB 86ms
23ms Script
application/x-javascript 2600:9000:2104:e400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:e400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:08:01 GMT
content-encoding: gzip
last-modified: Thu, 07 Dec 2017 17:06:25 GMT
server: AmazonS3
age: 2470
etag: "cbc97d16c77ea1fcbbf42d246001e982"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: tgQS4AYTl1R3NFjTldNj_bCOD4VmmnYKKXdB69UyxWMPUX5btoTJ7g==

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1607716150794&ns_c=UTF-8&cv=3.5&c8=notepad.pw%20%2F%20v23u9ue1%20%7C%20The%20napkin%20of%20the%20internet.&c7=https%3A%2F%2Fnotep...
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1607716150794&ns_c=UTF-8&cv=3.5&c8=notepad.pw%20%2F%20v23u9ue1%20%7C%20The%20napkin%20of%20the%20internet.&c7=https%3A%2F%2Fnote...

0
528 B

31ms
30ms

Image
text/plain

2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1607716150794&ns_c=UTF-8&cv=3.5&c8=notepad.pw%20%2F%20v23u9ue1%20%7C%20The%20napkin%20of%20the%20internet.&c7=https%3A%2F%2Fnotepad.pw%2Fv23u9ue1&c9=&cs_ak_ss=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 19:49:10 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1607716150794&ns_c=UTF-8&cv=3.5&c8=notepad.pw%20%2F%20v23u9ue1%20%7C%20The%20napkin%20of%20the%20internet.&c7=https%3A%2F%2Fnotepad.pw%2Fv23u9ue1&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Fri, 11 Dec 2020 19:49:10 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
367 B 58ms
57ms XHR
application/json 184.31.84.150
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=538329&v=7.2&r=%7B%22id%22%3A%2220daea0d119949f%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2221179c048fe0f67%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538329%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2222e22bf85ebb2ef%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538329%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222308dc59fad7bf9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538329%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnotepad.pw%2Fv23u9ue1%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%221413%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1218d1542f43aa9b79347ef0815c1bedbceb9af797e6d60fb984005c9b938480

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 19:49:10 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DK], RC:[], CN:[EU], CIP:[82.102.20.235], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://notepad.pw
x-cs-client-geo: 10
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 10
expires: Fri, 11 Dec 2020 19:49:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 78ms
55ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0fd0b717735bc558e48f86375f11755efe89de3258d8636fc6c52bc3b93fcf2e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 19:49:10 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.141:80
AN-X-Request-Uuid: 1acd1059-4b1f-4a95-afce-5bd4c8d07d22
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://notepad.pw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
109 B 41ms
40ms XHR
text/plain 52.28.154.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=27a4b4dff25666d&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.10.0&strVersion=3.2.1&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%221413%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.154.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-154-93.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://notepad.pw
date: Fri, 11 Dec 2020 19:49:10 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
109 B 36ms
34ms XHR
text/plain 52.28.154.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&bidId=2820005946da84f&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.10.0&strVersion=3.2.1&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%221413%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.154.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-154-93.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://notepad.pw
date: Fri, 11 Dec 2020 19:49:10 GMT
access-control-allow-credentials: true
vary: Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 262 B
2 KB 226ms
115ms XHR
application/json 213.19.162.41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1498292&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!freestar.io,1413,1,,,&rf=https%3A%2F%2Fnotepad.pw%2Fv23u9ue1&tk_flint=pbjs_lite_v4.10.0&x_source.tid=0809e4f9-06ae-4ee2-85b8-54d1938bc291&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8878682610364577
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 70f44ea83aecd579119eb839d893c5a42d6af2d0375d918b4d0b659423509876

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 19:49:11 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://notepad.pw
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 262
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 112ms
70ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

ea5838a25a58f866f6986258e5bfa4fd9f23fb331ed8f9657ab6d1e0ffd57bf2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 19:49:10 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.53:80
AN-X-Request-Uuid: 7e4a5b99-9278-48d0-8cae-d2284b6824ec
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://notepad.pw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 2 B
369 B 80ms
46ms XHR
application/json 18.159.79.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.79.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-79-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 11 Dec 2020 19:49:10 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://notepad.pw
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=UTF-8
Content-Length: 2

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 3 KB
2 KB 100ms
99ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 30b96f7e113f7864e20167231c425cef23b3b342aee7e3d16469223f4737e560

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Dec 2020 19:49:10 GMT
content-encoding: gzip
x-openrtb-version: 2.3
content-type: application/json
access-control-allow-origin: https://notepad.pw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1867

GET
H2 200 pixel;r=497889296;labels=keywords.notepad%20online%2Ckeywords.notepad%2Ckeywords.cloud%2Ckeywords.free%20notepad%2Ckeywords.save%20notes%2Ckeywords.notes%2Ckeywords.online%20notepad%2Ckeywords.clou...
pixel.quantserve.com/ 35 B
372 B 14ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=497889296;labels=keywords.notepad%20online%2Ckeywords.notepad%2Ckeywords.cloud%2Ckeywords.free%20notepad%2Ckeywords.save%20notes%2Ckeywords.notes%2Ckeywords.online%20notepad%2Ckeywords.cloud%20notepad%2Ckeywords.write%2Ckeywords.note%2Ckeywords.writing%2Ckeywords.publish%2Ckeywords.webpage%2Ckeywords.markdown%2Ctitle.notepad.pw;rf=0;uht=2;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fnotepad.pw%2Fv23u9ue1;fpan=1;fpa=P0-1038061219-1607716150833;ns=0;ce=1;qjs=1;qv=58f0669e-20201210192756;cm=;gdpr=0;ref=;d=notepad.pw;je=0;sr=1600x1200x24;dst=1;et=1607716150833;tzo=-60;ogl=type.website%2Ctitle.notepad%252Epw%2Cdescription.Save%20your%20notes%20online%20for%20free%20and%20share%20them%20with%20friends!%2Curl.https%3A%2F%2Fnotepad%252Epw%2Cimage.https%3A%2F%2Fnotepad%252Epw%2Fog-icon%252Epng

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 19:49:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
169 B 17ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=notepad.pw

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Dec 2020 19:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 18ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=notepad.pw

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Dec 2020 19:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 60 KB
16 KB 335ms
281ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1567146463546553&correlator=3538513967463244&output=ldjh&impl=fifs&eid=21069136%2C21069145&vrg=2020120301&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201211&iu_parts=15184186%2Cnotepad_970x90_728x90_320x50_Sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C728x90%7C970x90&prev_scp=fsrefresh%3Dfalse%26fsrebid%3Dfalse%26fsbid%3D0&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1607716150&dt=1607716150951&dlt=1607716148357&idt=2235&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=1199&adks=2140769806&ucis=1&ifi=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnotepad.pw%2Fv23u9ue1&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=327612199.1607716150&ga_sid=1607716151&ga_hid=956019173&fws=512&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

4a68806f2996805e97ccebb23bc450ecc1335f4a11de50f1648c1f32d526433e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15510
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://notepad.pw
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
fe6652ef2e3a92d3253354306c7a34a9.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 82ms
39ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fe6652ef2e3a92d3253354306c7a34a9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 9ms
8ms Other
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 548ms
547ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1567146463546553&correlator=3538513967463244&output=ldjh&impl=fifs&adsid=NT&eid=21069136%2C21069145&vrg=2020120301&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201211&iu_parts=15184186%2Cnotepad_970x90_728x90_320x50_320x100_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60%7C728x90%7C970x90&prev_scp=fsrefresh%3Dfalse%26fsrebid%3Dfalse%26fsbid%3D0%26fspbg%3Dfreestar%26freestar_path%3D%252Fv23u9ue1%26freestar_domain%3Dnotepad.pw%26custom_bidder_size%3Dpubmatic_468x60%26hb_format%3Dbanner%26hb_size%3D468x60%26hb_pb%3D0.11%26hb_adid%3D40521af425ff525%26hb_bidder%3Dpubmatic&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1607716151&dt=1607716151043&dlt=1607716148357&idt=2235&frm=20&biw=1600&bih=1200&oid=3&adxs=566&adys=5&adks=338981424&ucis=2&ifi=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnotepad.pw%2Fv23u9ue1&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1028&msz=1600x70&ga_vid=327612199.1607716150&ga_sid=1607716151&ga_hid=956019173&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

ca5b15b95bbc4163efec781403c3aae9e39035c0a84ad5d7cdbd9dde2fddbd2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3069
x-xss-protection: 0
google-lineitem-id: 5334927586
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138307546606
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://notepad.pw
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html
fe6652ef2e3a92d3253354306c7a34a9.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 68B8 0
0 38ms
20ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fe6652ef2e3a92d3253354306c7a34a9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: fe6652ef2e3a92d3253354306c7a34a9.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://notepad.pw/v23u9ue1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://notepad.pw/v23u9ue1

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Fri, 11 Dec 2020 19:49:11 GMT
expires: Sat, 11 Dec 2021 19:49:11 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 48ms
28ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232aefdba529e089a651b9ae0a1f9e9abcd5b62e629bd1031a9f491742bcb4de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607561515382827"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
expires: Fri, 11 Dec 2020 19:49:11 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 36ms
17ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120301&st=env

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc556f2b0d3ed8b94a649b80b2ae46f2963a6f1a0c97b6ddbb37b595a647ea65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Dec 2020 19:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6625
x-xss-protection: 0

GET
H2 200 pubfig.messaging.2.1.3.ab081b6049bb76c4f685d0c654c6a14aa5aad31b.js Show response
a.pub.network/core/pubfig/ 213 KB
57 KB 45ms
44ms Script
text/javascript 2606:4700:20::ac43:443c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.1.3.ab081b6049bb76c4f685d0c654c6a14aa5aad31b.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.2.6.3a13c17c01a1249715b4629cbd5788d1957c57f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f10b8a6df37fef05944c8e01395dcbc3fc5acf10037a61a6a9b112a436a5d0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=z9XADw==, md5=KvnUENyj6ZH37qScaBnxhw==
date: Fri, 11 Dec 2020 19:49:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABg5-UywyE2Glt6ms-mYwim2SuFwYNINZolm8SNhY9O42ye9aqOxusvdiEV0p5BoE-mScqj__dTC_yBNvFB2zS_ryyQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
cf-request-id: 06f4f2b8280000979cc488e000000001
last-modified: Wed, 18 Nov 2020 19:53:23 GMT
server: cloudflare
etag: W/"2af9d410dca3e991f7eea49c6819f187"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zaV3SunpquMlEBmv%2BIKEZA%2FtzXRIRY4za7htAlKnMgkYLtGKc3CT0bwqguOPopSsBU31Tl3LOE17SrTALFUQgLR%2BTnHYU50%2BMqbDeh7y3iDyNUTRg64nGbxX"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1605729203227682
cache-control: public, max-age=3600
x-goog-stored-content-length: 217902
cf-ray: 6001ba39d932979c-FRA
expires: Thu, 10 Dec 2020 23:46:07 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 45ms
30ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 11 Dec 2020 19:49:11 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 0905 0
0 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://notepad.pw/v23u9ue1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://notepad.pw/v23u9ue1

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Fri, 11 Dec 2020 19:20:14 GMT
expires: Sat, 11 Dec 2021 19:20:14 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1737
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
458 B 584ms
144ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 84c0f24961d9cd967af43df4a48011aaf2a0b014c2e0868cc103c5f178943b06

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://notepad.pw
Date: Fri, 11 Dec 2020 19:49:11 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 05C3 0
0 59ms
58ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxeHf8PH_D-m7Od_CqLV5VkcAkKeTiAiDWTtW0OaPbg2TFUTXxpAlTEJE3sv2WURXwgByk1-uYOxIVQ93OK2ENFsV3FgyBEDCMhWu_xDdEmWp8g9uH2jg3ccPS7m_p0j2xmjZ_CNPK9RbLuUIZhigqUthmNKLIL25clg_hg3U5UUzKNQUSlA-gzzb7pATTb9yr0j5qENFUr8UX54g6nXVbC_XWN9DkckgZIkSOmOLdWCkj_JeFRzRE_2HZ4L7xWuJs5mJhs9Jr1KovBQFW1PsMPT513swT5zo-jQPvKWU&sai=AMfl-YTupBKdazD7Av77ckUNY5OzppNAcSioOPOEz2uSo2cwFYFjM0-QT04pMcAHvqF2Qy0BAp0R3jHXBk4FrD1iN9RA1rx3I4eJI4bw3W24rVMYsMfSLxwGqCzTEr87h48&sig=Cg0ArKJSzEeGl4HD_FBTEAE&urlfix=1&adurl=

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Dec 2020 19:49:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Dec 2020 19:49:11 GMT

GET
H2 200 prebid-universal-creative.js Show response
a.pub.network/core/ Frame 05C3 26 KB
9 KB 39ms
38ms Script
text/javascript 2606:4700:20::ac43:443c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/prebid-universal-creative.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ab080656fab6802aab402d3e385c6c3aa1715d4d962edd506907862dfdad8dc

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=uEu8xg==, md5=O15fToc0bBVTfMXMVCfeag==
date: Fri, 11 Dec 2020 19:49:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABg5-Uw2tn72_vt8uZKzg0QY2ChOL07nY_tY2cIV-Tf-_GXxuhqJJzz2h_A_gAKW_-f0ZrppwCzjfiGli1f2VwaxDGU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
cf-request-id: 06f4f2b9360000979cc196f000000001
last-modified: Wed, 01 Apr 2020 21:06:56 GMT
server: cloudflare
etag: W/"3b5e5f4e87346c15537cc5cc5427de6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W%2BmSUi4nvPCjPcmD0RfjbwMsPR6rjQjgan5WvBS9QmtQaznylCshY7jxuHaLEVHtRctFCU3xQccIW79VT16UDyvF6qiSEAH4RTi3tksDKMH1You9FrZsgRXf"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1585775216018312
cache-control: public, max-age=86400
x-goog-stored-content-length: 26243
cf-ray: 6001ba3b8ab5979c-FRA
expires: Thu, 10 Dec 2020 22:52:19 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 05C3 76 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f2ae177b9ba4a4e78debba8a1520276d88e8f4fbd55e80c1d74165ac61a2592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607561515382827"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Fri, 11 Dec 2020 19:49:11 GMT

GET
H2 200 fslogo-green.svg
a.pub.network/core/imgs/ 1 KB
965 B 36ms
36ms Image
image/svg+xml 2606:4700:20::ac43:443c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.pub.network/core/imgs/fslogo-green.svg
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.2.6.3a13c17c01a1249715b4629cbd5788d1957c57f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
date: Fri, 11 Dec 2020 19:49:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABg5-UxCWrZl4PhX9St20dw5qNe-Tbdgz_G6l7DeSO59MCZzBohROUIuwaqpQLWpNO2OsbeJ5NsyEbHwosVNq05mu6Y
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: image/svg+xml
cf-request-id: 06f4f2b9380000979cd5024000000001
last-modified: Tue, 08 Sep 2020 17:04:37 GMT
server: cloudflare
etag: W/"326d6cbd977657e1205bd616d1f2faca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BFeCfTqzfoNzxRtmAxb0WvgQ5MTOFAuLRI%2Bfdgl28%2FhLqjbQKT4eRAbXB101nYuYEY5JkmeTqM0s5IOucIp8CzsNpWQ2e%2FE%2BRYyU0qu%2FhuVDTYTDcoMOA4IR"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1599584677716817
cache-control: public, max-age=3600
x-goog-stored-content-length: 1193
cf-ray: 6001ba3b8ab6979c-FRA
expires: Fri, 11 Dec 2020 20:46:34 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 05C3 2 KB
2 KB 123ms
45ms Script
application/x-javascript 185.29.135.190
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=pub&s_exch=pub&id=5aW95q2jLzIzLyAvT0RZeFl6azVNekV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2Nzk2ODk0NzM4Mjk4MDI1NTAvNjc5ODYzOS80NzI4NTU3LzMvWTNtTGxKOFh4RGtvbHRvN0RlQnNwbmZ2UXpxV0R0b2tERXlMUVpOSVRMOC8xLzMvMC8wLzk5NjczNC8xMzgyNDIxNTA0LzIxNjUzNi82NjkxOTEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNjc5Njg5NDczODI5ODAyNTUwL2Ftcy8wLzQyODMvODYvOTk5LzIvODIuMTAyLjIwLjAvMC4wMDAvMTYwNzcxNjE1MC8xNjA3NzI4NzUwLzMvMTU2Njk2Lw/IajgiLfTI1lO4ocVvRwS-B1h6_Y&nodeid=2653&group=eu&auctionid=1679689473829802550&sid=4728557&cid=6798639&price=0.141230&bp=a_behecc&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.144&3pck=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjY5NiZzaXRlSWQ9MjY5ODg1JmFkSWQ9MTMyNTE3NyZrYWRzaXplaWQ9OCZ0bGRJZD02MTQ3MTAzMiZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xMjAzNjk0ODgzMDEzNzM1Njc0MCZhZFNlcnZlcklkPTI0MyZpbXBpZD05RjNFMDY0Mi1DNjlBLTQzRjItODdDNy02MDY4RkI5M0ZFOTMmcGFzc2JhY2s9MA%3D%3D_url%3D
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.190 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.188.1 /
Resource Hash: 6630d3fd7765c6c606d0a3b7989b94d88ce4351f622e574d315db5387bbf953b

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Dec 2020 19:49:11 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1607716150
Last-Modified: Fri, 11 Dec 2020 19:49:10 GMT
Server: MMBD/3.188.1
x-mm-latency: 10 (10)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x33, cdg-bidder-x149
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Fri, 11 Dec 2020 19:49:10 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
201 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120301&jk=1567146463546553&bg=!-_il-NjNAAXKjztByliKosXgQKpRQAIAAACKUgAAABhoAQcKAZEmGn4q0Z-hArh84xV16RV9QREcAerPN_BJhsUHfOn4VgtcaoGqEf4MaFy7FT01bjqLwmviAWRZfgUrrwosy8qoU6fSipR3mti90dgDEBjaSwtmy0GmZisvSp3n81uFwwWIi2NtmY5t9RWQoGbYrvoNpq3JvdJIkWcP752ZiPouTtpbL71JP-QeWBRXm1zQUcfYaF-3OqeqxJt1NZ6-VlhuzYfCfl5MzaQW0aIWR_31QTrC77HrxoBCSVSXZdFLQd0GLoy-Rou-9TUGuhAvpa_JeJZPqidSX_SzjzqzxTQzLIPS80gbxQRCTdz6-b0Aiinada6XFNBx-p2SqnfcXnk6vopIJXpLrsu0xqMBBOvbBWBmCB5ohusFvyrutbmZ8ZJ_H-8HO5_nW-Icmc203PEsJU97h-TFBIDT59evaNlc4kyqyf5iC6SmgYQqZ7Hy1-T3RAihnoILxCZkIfle7nNhPNcVBHlAprWPX1IbRHUsXVLGXJgsStGdbS6UWc_K_q291S5C0mVShbGPoUuPfxY4a5kBszTgZzHd64whfSZPE7SYN5F-R2nr5_5O8lelwmfHafMmwgguBSDSH4LwbA-SSN4DzS4j2zSEEfg88TcngrMrK5jnkuHlSHmq2YiKpgYPYqaz4Ijt1F6UBP9NsK5Vp_WjN5WIAgyzTMXmw5pxl2Cqu4bRxlJDtUEdHlQoHiaXlcb83_P6HeYX7YwvznSjQ2S1dQxso3y2Vf1VYUQDvuf4nRD0G8ZaDmWY4GBPvAFss4t9r1PJzqgWCb3RmM-nTJtxAs2rZokvz___-VGDJnk4GMs4EOLox9nueQeBHWS_lU1WoRbjGwPAHzKd7M57YKM63n9x8JjzSo2fUfG5-r5sWyH2e1s9jG0sZR70rttSLbIakqEDng7hczdWrA6mDp2HXydVD5dHL-pm0fKMrwH4WgOYBvpTfljnrQMPivLV4Juu8zGkZNs6hCjUIQyDp_-42daiFYdTnAACKeH9jHvBcROyKJ7zG1oC7whGN0tR-GCnti7HDpp1BnDAYobpcBRceKLfzSHuJDTvxqYFE5rViW1-LT-X_5bQbG2hVLe_IRZ4WxdshS7kg7qD_0QGrxcTuf5EZQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 19:49:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK xxexut2w4pav Show response
hal9000.redintelligence.net/zone/ Frame 05C3 10 KB
3 KB 118ms
37ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/xxexut2w4pav?subid=&rnd=1679689473829802550&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1679689473829802550%26mt_id%3D6798639%26mt_adid%3D216536%26mt_sid%3D4728557%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D88685fd3-cd37-4301-b743-49945b42ab4a%26mt_3pck%3Dhttps%253A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjY5NiZzaXRlSWQ9MjY5ODg1JmFkSWQ9MTMyNTE3NyZrYWRzaXplaWQ9OCZ0bGRJZD02MTQ3MTAzMiZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xMjAzNjk0ODgzMDEzNzM1Njc0MCZhZFNlcnZlcklkPTI0MyZpbXBpZD05RjNFMDY0Mi1DNjlBLTQzRjItODdDNy02MDY4RkI5M0ZFOTMmcGFzc2JhY2s9MA%253D%253D_url%253D%26redirect%3D
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 722cd4ad015d279f22c9b35d9e4aaf0d53c3dfc1e91a7c254be1e756ab70bf4b

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Dec 2020 19:49:11 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3091
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 05C3 49 B
330 B 104ms
37ms Image
image/gif 185.29.135.190
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=1679689473829802550&node_id=2653&exch_id=3
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=pub&s_exch=pub&id=5aW95q2jLzIzLyAvT0RZeFl6azVNekV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2Nzk2ODk0NzM4Mjk4MDI1NTAvNjc5ODYzOS80NzI4NTU3LzMvWTNtTGxKOFh4RGtvbHRvN0RlQnNwbmZ2UXpxV0R0b2tERXlMUVpOSVRMOC8xLzMvMC8wLzk5NjczNC8xMzgyNDIxNTA0LzIxNjUzNi82NjkxOTEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNjc5Njg5NDczODI5ODAyNTUwL2Ftcy8wLzQyODMvODYvOTk5LzIvODIuMTAyLjIwLjAvMC4wMDAvMTYwNzcxNjE1MC8xNjA3NzI4NzUwLzMvMTU2Njk2Lw/IajgiLfTI1lO4ocVvRwS-B1h6_Y&nodeid=2653&group=eu&auctionid=1679689473829802550&sid=4728557&cid=6798639&price=0.141230&bp=a_behecc&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.144&3pck=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjY5NiZzaXRlSWQ9MjY5ODg1JmFkSWQ9MTMyNTE3NyZrYWRzaXplaWQ9OCZ0bGRJZD02MTQ3MTAzMiZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xMjAzNjk0ODgzMDEzNzM1Njc0MCZhZFNlcnZlcklkPTI0MyZpbXBpZD05RjNFMDY0Mi1DNjlBLTQzRjItODdDNy02MDY4RkI5M0ZFOTMmcGFzc2JhY2s9MA%3D%3D_url%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.190 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.188.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Dec 2020 19:49:12 GMT
Server: MMBD/3.188.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x99, cdg-bidder-x149
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 11 Dec 2020 19:49:11 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 05C3 43 B
506 B 136ms
63ms Image
image/gif 104.75.88.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=3&v2=1679689473829802550&v3=669191&v4=4728557&v5=6798639&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=pub&s_exch=pub&id=5aW95q2jLzIzLyAvT0RZeFl6azVNekV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2Nzk2ODk0NzM4Mjk4MDI1NTAvNjc5ODYzOS80NzI4NTU3LzMvWTNtTGxKOFh4RGtvbHRvN0RlQnNwbmZ2UXpxV0R0b2tERXlMUVpOSVRMOC8xLzMvMC8wLzk5NjczNC8xMzgyNDIxNTA0LzIxNjUzNi82NjkxOTEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNjc5Njg5NDczODI5ODAyNTUwL2Ftcy8wLzQyODMvODYvOTk5LzIvODIuMTAyLjIwLjAvMC4wMDAvMTYwNzcxNjE1MC8xNjA3NzI4NzUwLzMvMTU2Njk2Lw/IajgiLfTI1lO4ocVvRwS-B1h6_Y&nodeid=2653&group=eu&auctionid=1679689473829802550&sid=4728557&cid=6798639&price=0.141230&bp=a_behecc&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.144&3pck=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjY5NiZzaXRlSWQ9MjY5ODg1JmFkSWQ9MTMyNTE3NyZrYWRzaXplaWQ9OCZ0bGRJZD02MTQ3MTAzMiZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xMjAzNjk0ODgzMDEzNzM1Njc0MCZhZFNlcnZlcklkPTI0MyZpbXBpZD05RjNFMDY0Mi1DNjlBLTQzRjItODdDNy02MDY4RkI5M0ZFOTMmcGFzc2JhY2s9MA%3D%3D_url%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.223 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-223.deploy.static.akamaitechnologies.com
Software: MT3 3428 4427dd6 master cdg-pixel-x29 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Dec 2020 19:49:11 GMT
Server: MT3 3428 4427dd6 master cdg-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 11 Dec 2020 19:49:11 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 05C3 49 B
330 B 99ms
31ms Image
image/gif 185.29.135.190
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=pub&bid=1679689473829802550&st=4728557&time=1607716151&nodeid=2653
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=pub&s_exch=pub&id=5aW95q2jLzIzLyAvT0RZeFl6azVNekV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2Nzk2ODk0NzM4Mjk4MDI1NTAvNjc5ODYzOS80NzI4NTU3LzMvWTNtTGxKOFh4RGtvbHRvN0RlQnNwbmZ2UXpxV0R0b2tERXlMUVpOSVRMOC8xLzMvMC8wLzk5NjczNC8xMzgyNDIxNTA0LzIxNjUzNi82NjkxOTEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNjc5Njg5NDczODI5ODAyNTUwL2Ftcy8wLzQyODMvODYvOTk5LzIvODIuMTAyLjIwLjAvMC4wMDAvMTYwNzcxNjE1MC8xNjA3NzI4NzUwLzMvMTU2Njk2Lw/IajgiLfTI1lO4ocVvRwS-B1h6_Y&nodeid=2653&group=eu&auctionid=1679689473829802550&sid=4728557&cid=6798639&price=0.141230&bp=a_behecc&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.144&3pck=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjY5NiZzaXRlSWQ9MjY5ODg1JmFkSWQ9MTMyNTE3NyZrYWRzaXplaWQ9OCZ0bGRJZD02MTQ3MTAzMiZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xMjAzNjk0ODgzMDEzNzM1Njc0MCZhZFNlcnZlcklkPTI0MyZpbXBpZD05RjNFMDY0Mi1DNjlBLTQzRjItODdDNy02MDY4RkI5M0ZFOTMmcGFzc2JhY2s9MA%3D%3D_url%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.190 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.188.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Dec 2020 19:49:12 GMT
Server: MMBD/3.188.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x80, cdg-bidder-x149
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 11 Dec 2020 19:49:11 GMT

GET
H/1.1

200
OK

request.php Show response
hal900012.redintelligence.net/ Frame 05C3
Redirect Chain

https://hal900012.redintelligence.net/request.php?zone=xxexut2w4pav&nw=20&renderingType=javascript&namespace=1fb06232f2&subid=&uid=897dadd3dee42e39&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900012.redintelligence.net/request.php?zone=xxexut2w4pav&nw=20&renderingType=javascript&namespace=1fb06232f2&subid=&uid=897dadd3dee42e39&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

160ms
91ms

Script
application/x-javascript

94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request.php?zone=xxexut2w4pav&nw=20&renderingType=javascript&namespace=1fb06232f2&subid=&uid=897dadd3dee42e39&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1679689473829802550%26mt_id%3D6798639%26mt_adid%3D216536%26mt_sid%3D4728557%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D88685fd3-cd37-4301-b743-49945b42ab4a%26mt_3pck%3Dhttps%253A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjY5NiZzaXRlSWQ9MjY5ODg1JmFkSWQ9MTMyNTE3NyZrYWRzaXplaWQ9OCZ0bGRJZD02MTQ3MTAzMiZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xMjAzNjk0ODgzMDEzNzM1Njc0MCZhZFNlcnZlcklkPTI0MyZpbXBpZD05RjNFMDY0Mi1DNjlBLTQzRjItODdDNy02MDY4RkI5M0ZFOTMmcGFzc2JhY2s9MA%253D%253D_url%253D%26redirect%3D&documentReferer=https%3A%2F%2Fnotepad.pw%2Fv23u9ue1&ancestorOrigins=https%3A%2F%2Fnotepad.pw&random=7089550616379&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: db7bdd3a247a7b65e89667f34784f00b0f81c553afda5c9b2acbf6de5b0afb05

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 19:49:12 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 13043500169880201039536011440012
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 727
Expires: Fri, 11 Dec 2020 19:49:12 +0100

Redirect headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 19:49:12 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=xxexut2w4pav&nw=20&renderingType=javascript&namespace=1fb06232f2&subid=&uid=897dadd3dee42e39&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1679689473829802550%26mt_id%3D6798639%26mt_adid%3D216536%26mt_sid%3D4728557%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D88685fd3-cd37-4301-b743-49945b42ab4a%26mt_3pck%3Dhttps%253A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjY5NiZzaXRlSWQ9MjY5ODg1JmFkSWQ9MTMyNTE3NyZrYWRzaXplaWQ9OCZ0bGRJZD02MTQ3MTAzMiZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xMjAzNjk0ODgzMDEzNzM1Njc0MCZhZFNlcnZlcklkPTI0MyZpbXBpZD05RjNFMDY0Mi1DNjlBLTQzRjItODdDNy02MDY4RkI5M0ZFOTMmcGFzc2JhY2s9MA%253D%253D_url%253D%26redirect%3D&documentReferer=https%3A%2F%2Fnotepad.pw%2Fv23u9ue1&ancestorOrigins=https%3A%2F%2Fnotepad.pw&random=7089550616379&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Fri, 11 Dec 2020 19:49:12 +0100

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
458 B 250ms
174ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 2f15f76abc19015e3f0aabbdf9239f7ba57ee63f19eb3684a25520c9c99c81d5

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://notepad.pw
Date: Fri, 11 Dec 2020 19:49:12 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H/1.1 200
OK request_content.php
hal900012.redintelligence.net/ Frame 2EAF 0
0 105ms
36ms Document
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request_content.php?s=13043500169880201039536011440012&a=bfa36b4d
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=xxexut2w4pav&nw=20&renderingType=javascript&namespace=1fb06232f2&subid=&uid=897dadd3dee42e39&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1679689473829802550%26mt_id%3D6798639%26mt_adid%3D216536%26mt_sid%3D4728557%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D88685fd3-cd37-4301-b743-49945b42ab4a%26mt_3pck%3Dhttps%253A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjY5NiZzaXRlSWQ9MjY5ODg1JmFkSWQ9MTMyNTE3NyZrYWRzaXplaWQ9OCZ0bGRJZD02MTQ3MTAzMiZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xMjAzNjk0ODgzMDEzNzM1Njc0MCZhZFNlcnZlcklkPTI0MyZpbXBpZD05RjNFMDY0Mi1DNjlBLTQzRjItODdDNy02MDY4RkI5M0ZFOTMmcGFzc2JhY2s9MA%253D%253D_url%253D%26redirect%3D&documentReferer=https%3A%2F%2Fnotepad.pw%2Fv23u9ue1&ancestorOrigins=https%3A%2F%2Fnotepad.pw&random=7089550616379&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Host: hal900012.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://notepad.pw/v23u9ue1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=7c2b49ef714f114d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://notepad.pw/v23u9ue1

Response headers

Date: Fri, 11 Dec 2020 19:49:12 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 11 Dec 2020 19:49:12 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1609
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK aff_i
affiliate.salestring.com/ Frame 05C3 43 B
2 KB 234ms
49ms Image
image/gif 52.30.8.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affiliate.salestring.com/aff_i?offer_id=296&file_id=6034&aff_id=1021&aff_sub=13043500169880201039536011440012&aff_sub2=296
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.8.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-8-231.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 19:49:12 GMT
Server: nginx
tracking_id: 102d527ee992001c7fba48f147619a
P3P: CP="NOI CUR OUR NOR INT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Length: 43
X-Request-Id: 566b9f521eb5ac37985264aadafadc52
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 7C0D 0
0 147ms
52ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://notepad.pw/v23u9ue1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://notepad.pw/v23u9ue1

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=101331
Expires: Sat, 12 Dec 2020 23:58:03 GMT
Date: Fri, 11 Dec 2020 19:49:12 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame 8A63 0
0 97ms
32ms Document
text/html 104.75.88.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325177&adType=10&adServerId=243&kefact=0.127107&kaxefact=0.127107&kadNetFrequecy=0&kadwidth=468&kadheight=60&kadsizeid=8&kltstamp=1607716150&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.141230&dcId=3&tldId=61471032&passback=0&svr=BID22362U&adsver=_4098858076&adsabzcid=0&ekefact=Ns3TX4SYDQDVjJNZJRJbA2CGpzLKWQcnZwo2LLSEBq9qoxbg&ekaxefact=Ns3TX5WYDQD2B8FuF61BJ7txFTKp9FVURmspoa9VTosODbTS&ekpbmtpfact=Ns3TX6KYDQC2xibzCzD3MDwLq9BqB28_geAxaLjG_AKF55fH&crID=6798639&lpu=soberberlin.com&ucrid=12036948830137356740&campaignId=16735&creativeId=0&pctr=0.000000&wDSPByrId=101936&wDspId=27&wbId=3&wrId=0&wAdvID=985929&wDspCampId=669191&isRTB=1&rtbId=445CB085-4BAE-4D2A-BA89-E1A8FE688A25&imprId=9F3E0642-C69A-43F2-87C7-6068FB93FE93&oid=9F3E0642-C69A-43F2-87C7-6068FB93FE93&cntryId=60&domain=notepad.pw&pageURL=https%3A%2F%2Fnotepad.pw%2Fv23u9ue1&sec=1&pAuSt=2
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.214 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-214.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: aktrack.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://notepad.pw/v23u9ue1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://notepad.pw/v23u9ue1

Response headers

Content-Type: text/html
Content-Length: 0
Date: Fri, 11 Dec 2020 19:49:12 GMT
Connection: keep-alive

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 05C3 0
45 B 56ms
55ms Image
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIpMv56ZK2IJRvB32F51slsZ9S1Hn9jFUU5mH6AUOEd4wO5XoBkm2H2A8u5vMU_ImUwdDrZkntkYbmnUGKmNtxYBD8GxOn3HqGFvmqIQEHJZAPTcjjh5lGUvmCtlCnRRn3x0sok1-oPVIq3_p_aqUc6ya6M8w2BSkYXxqVBcI4KStTe-KCGALL_fCn2qhB3fgrOrA23ldffoWNNp6wpR02gjenJIV9_MdMrw5LbvyGxvM0I3kFeIXeqVc4dX09W0D_NpsSRzyOUYVrhoakHdNK8dMcb9ptvRLKllyCabt-Ew&sai=AMfl-YQHW4IkVYhj8r4GjX2K6T_L1ZxGDEoiGVRz0JRStJe4Ot5v_co9mKvX0o3IXiZ13Ego9akhEFmGyqC6JQR6HoXlJGKIbvBMLMejsWWgBKICXOr9RL6Qv4Clt3YCq28&sig=Cg0ArKJSzIfFu8m4NM-nEAE&urlfix=1&adurl=

Requested by

Host: notepad.pw
URL: https://notepad.pw/v23u9ue1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Dec 2020 19:49:12 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 05C3 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7d1b73ddc6abc9bf484d87adb1b7e15f55cbc0fe12094550daa65da027d4cc4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
330 B 144ms
144ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: notepad.pw
URL: https://notepad.pw/v23u9ue1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 2f15f76abc19015e3f0aabbdf9239f7ba57ee63f19eb3684a25520c9c99c81d5

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://notepad.pw
Date: Fri, 11 Dec 2020 19:49:13 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 05C3 42 B
89 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9cOywCyX2U2Oj0td_76vZxvljQHhyztiDsKS3wIoEiDgXZf8DAMDWK3huajCwwlTkQWlwwxmj4vjyRdFEk-1WZjL_O6r6ee_PjHDCDlk&sig=Cg0ArKJSzGk5j6eMAs4rEAE&adk=338981424&tt=-1&bs=1600%2C1200&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&p=5,566,65,1034&mcvt=1009&rs=0&ht=0&tfs=115&tls=1124&mc=1&lte=-1&bas=0&bac=0&met=ie&avms=nio&niot_obs=11&niot_cbk=19&md=2&btr=0&cpmav=0&lm=2&rst=1607716151605&dlt&rpt=1&isd=0&msd=0&xdi=0&ps=1600%2C1044&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-6-11-11-0-0-0&tvt=1119&is=468%2C60&iframe_loc=https%3A%2F%2Fnotepad.pw%2Fv23u9ue1&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201209

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notepad.pw/v23u9ue1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 19:49:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 66D2 0
0 97ms
31ms Document
text/html 184.30.212.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.212.16 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://notepad.pw/v23u9ue1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://notepad.pw/v23u9ue1

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Fri, 11 Dec 2020 19:49:17 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame D47F 0
0 70ms
69ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://notepad.pw/v23u9ue1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://notepad.pw/v23u9ue1

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=101327
Expires: Sat, 12 Dec 2020 23:58:03 GMT
Date: Fri, 11 Dec 2020 19:49:16 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame 6A12 0
0 119ms
40ms Document
text/html 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://notepad.pw/v23u9ue1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://notepad.pw/v23u9ue1

Response headers

Server: Apache
Last-Modified: Tue, 06 Oct 2020 14:04:48 GMT
ETag: "e20015-8f4-5b10114f2003a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 11 Dec 2020 19:49:17 GMT
Content-Length: 1136
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame 30D7 0
0 95ms
30ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://notepad.pw/v23u9ue1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://notepad.pw/v23u9ue1

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 03 Dec 2020 21:09:36 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 11 Dec 2020 19:49:17 GMT
Age: 81567
X-Served-By: cache-lga21935-LGA, cache-fra19146-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 475803
X-Timer: S1607716157.025280,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame 386D 0
0 93ms
30ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://notepad.pw/v23u9ue1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://notepad.pw/v23u9ue1

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 03 Dec 2020 21:09:36 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 11 Dec 2020 19:49:17 GMT
Age: 81567
X-Served-By: cache-lga21935-LGA, cache-fra19139-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 473377
X-Timer: S1607716157.025995,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 3619 0
0 132ms
69ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://notepad.pw/v23u9ue1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://notepad.pw/v23u9ue1

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=101326
Expires: Sat, 12 Dec 2020 23:58:03 GMT
Date: Fri, 11 Dec 2020 19:49:17 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame 4488 0
0 114ms
38ms Document
text/html 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://notepad.pw/v23u9ue1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://notepad.pw/v23u9ue1

Response headers

Server: Apache
Last-Modified: Tue, 06 Oct 2020 14:04:48 GMT
ETag: "e20015-8f4-5b10114f2003a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 11 Dec 2020 19:49:17 GMT
Content-Length: 1136
Connection: keep-alive

GET
H/1.1

204
No Content

getuids
grid.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=themediagrid&ssp_user_id=3b8cc201-5f43-4d1e-9514-2c7e4044b675
https://x.bidswitch.net/sync?dsp_id=74&&user_id=180896947&expires=5&ssp=themediagrid
https://grid.bidswitch.net/getuids?bsw_uid=3b8cc201-5f43-4d1e-9514-2c7e4044b675&ssp_custom_data=

0
260 B

48ms
48ms

Image
text/html

18.159.79.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grid.bidswitch.net/getuids?bsw_uid=3b8cc201-5f43-4d1e-9514-2c7e4044b675&ssp_custom_data=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.79.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-79-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Dec 2020 19:49:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Type: text/html; charset=UTF-8

Redirect headers

location: //grid.bidswitch.net/getuids?bsw_uid=3b8cc201-5f43-4d1e-9514-2c7e4044b675&ssp_custom_data=
date: Fri, 11 Dec 2020 19:49:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
notepad.pw/	1970-01-19 14:49:40	Name: typography Value: %7B%22sp_class%22%3A%22not-active%22%7D
notepad.pw/	1969-12-31 23:59:59	Name: fsbotchecked Value: true
notepad.pw/	1969-12-31 23:59:59	Name: adOtr Value: c9e5282ea6e
notepad.pw/	1970-01-23 06:41:45	Name: UTGv2 Value: h468f19c4063ec27e5f02b2170f256696c78
notepad.pw/	1970-01-19 14:35:23	Name: pad_cookie Value: 7e2cbd139a45d6cffd75faf92d905e4d9926899d
notepad.pw/	1969-12-31 23:59:59	Name: SPSI Value: 2e29c5a8ee6ac20e18c523e37122d569
notepad.pw/	1970-01-19 14:35:16	Name: sp_lit Value: zIOppAa1o3sjTY6yTOL4kQ==
notepad.pw/	1970-01-19 14:35:23	Name: spcsrf Value: 8cab0346433b11a512330ee1e98f6084
notepad.pw/	1969-12-31 23:59:59	Name: PRLST Value: iu
notepad.pw/	1969-12-31 23:59:59	Name: SPSE Value: 3WuzRHd9RJVHvJUWpxQYsfr/qMYUfi8ova0Fhcmjo3rbMraP+o8l2k3K5hazvlQUcG4ZUTdyp82Sa5g17mT4OA==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://a.pub.network/core/pubfig/pubfig.engine.4.2.6.3a13c17c01a1249715b4629cbd5788d1957c57f7.js(Line 1) Message: %cPubfig background: #00C389; color: #fff; border-radius: 3px; padding: 3px pubfig.messaging.js - Init ========== LOADING MESSAGING ==========

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
acdn.adnxs.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
affiliate.salestring.com
aktrack.pubmatic.com
btlr.sharethrough.com
c.pub.network
cdnjs.cloudflare.com
d.pub.network
eus.rubiconproject.com
fastlane.rubiconproject.com
fe6652ef2e3a92d3253354306c7a34a9.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
grid.bidswitch.net
hal9000.redintelligence.net
hal900012.redintelligence.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
js-sec.indexww.com
live.notepad.pw
notepad.pw
pagead2.googlesyndication.com
pixel.mathtag.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
rules.quantcount.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
tags.mathtag.com
tpc.googlesyndication.com
wpcc.io
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.75.88.214
104.75.88.223
138.201.63.116
151.101.13.108
151.139.128.11
172.217.22.2
18.159.79.175
184.30.212.16
184.31.84.150
185.29.135.190
185.33.221.89
185.64.189.112
2.19.34.195
213.19.162.41
23.210.249.164
23.210.249.92
2600:9000:2104:e400:6:44e3:f8c0:93a1
2606:4700:20::ac43:443c
2606:4700:3031::681b:8143
2606:4700::6810:125e
2606:4700::6810:135e
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:801::200a
2a00:1450:4001:809::2003
2a00:1450:4001:81a::200e
2a00:1450:4001:81d::2001
2a00:1450:4001:820::2001
2a00:1450:4001:820::2008
2a00:1450:4001:825::2002
2a00:1450:4001:825::2003
35.188.71.214
35.226.36.58
52.28.154.93
52.30.8.231
52.58.45.227
68.183.157.211
94.130.102.164
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
0fd0b717735bc558e48f86375f11755efe89de3258d8636fc6c52bc3b93fcf2e
0fd2878ca2ca74756ba04304b9737be4bf7727a7eb2dec9e75eb67731aaf00f1
119351ced3134718cb42591e513ff063cf04af7c2734b137c666ee62e137e15d
1218d1542f43aa9b79347ef0815c1bedbceb9af797e6d60fb984005c9b938480
1ab080656fab6802aab402d3e385c6c3aa1715d4d962edd506907862dfdad8dc
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1f2ae177b9ba4a4e78debba8a1520276d88e8f4fbd55e80c1d74165ac61a2592
20eb2c3737cddca09f056e566396d83aab10de8824984c5684247345e995edc4
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
232aefdba529e089a651b9ae0a1f9e9abcd5b62e629bd1031a9f491742bcb4de
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b60310189012686567c541c72a40acf74adb416bdc524008822d6c7c73ccd97
2f15f76abc19015e3f0aabbdf9239f7ba57ee63f19eb3684a25520c9c99c81d5
30b96f7e113f7864e20167231c425cef23b3b342aee7e3d16469223f4737e560
3c5b6bb603a4f7556b94532674f3847b430b9495afbb3a4dcfe5ba718baa59ad
4286cdf1d0f9389e2db53ecd1c36680725399965e919c24070c3b034ba5c2925
437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47088d1f026b7b32bd3fae708cec565eeb77fe0268191e2bd18ab4e120add310
4a68806f2996805e97ccebb23bc450ecc1335f4a11de50f1648c1f32d526433e
51839cd54fbd59d491d731aa9f28bf46a0c44fd332a461e267e2e61c247adf1c
55b731aa03064189b7abca9931deb7b844c75d7664aacecc1356c4bc0635c4af
560ee8213cda78828e88fbcbe2fbe6d3337d563384ea57d344ce3e3559da1dda
5dbaab8f472717f5f659cb28deb326df6d4b858bf1025c84f366a808798c1587
6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34
6630d3fd7765c6c606d0a3b7989b94d88ce4351f622e574d315db5387bbf953b
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
683f82e1b4301ed42243e333fba87ced6b4f31a113e130d49a016c5cb43fa52b
6a168e2ddae4d655f0e9793c98406ed886956b7f54544b88a1b9d279fe8b242f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70f44ea83aecd579119eb839d893c5a42d6af2d0375d918b4d0b659423509876
722cd4ad015d279f22c9b35d9e4aaf0d53c3dfc1e91a7c254be1e756ab70bf4b
84c0f24961d9cd967af43df4a48011aaf2a0b014c2e0868cc103c5f178943b06
86f10b8a6df37fef05944c8e01395dcbc3fc5acf10037a61a6a9b112a436a5d0
88122f4fe15edd7940e143d930d530eaa17da50254ba71b5dbf7b771fe1f1211
888b41bb493f82bc787b507deee35df8a9dca32d9f59e5e4434334bb04aa1e17
8945a372bd035bcde76a46960f89387757117ede66d87665d486307e959aa3c2
9b52a6fb42cac8d1e5a98b0b89ce761b945a1dcc6bc77fb5a3163f871f02e0cf
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a6d69484fd7cc37394e484041508958fbf33bfe2bd3e7215e1314f2bf4f64827
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a7d1b73ddc6abc9bf484d87adb1b7e15f55cbc0fe12094550daa65da027d4cc4
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b44056f8f4ac197247e228ba4b91011d9513b2e93a489bc3775affd0464ace20
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
bc556f2b0d3ed8b94a649b80b2ae46f2963a6f1a0c97b6ddbb37b595a647ea65
c9c41579990e491b31185c662e701facbcd6dab9ec0b06edef8feec2f981812e
ca5b15b95bbc4163efec781403c3aae9e39035c0a84ad5d7cdbd9dde2fddbd2a
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b
d23807344428eec21271b708fcf73919827e568b0a335989f9f2348ae4356bd1
db7bdd3a247a7b65e89667f34784f00b0f81c553afda5c9b2acbf6de5b0afb05
dc3842d1ad8fde688d7b47fb100be5a4bcf18b97af2dd23d02dbb3713f6d520b
dc96014302a0a9371a22e1c59b74e69b0884fc59cb01d9be2f04e935a40ad8d5
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa
e132a71fb17a9ff708845e4ad37d2901cd3ea4a7985df57a1078bc49253055d8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
e644918f46ad5f284f6e605915254615e5d72212d37717b0abb2d62dc5deaa5f
e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870
ea5838a25a58f866f6986258e5bfa4fd9f23fb331ed8f9657ab6d1e0ffd57bf2
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f79dfaabb417f7b777458a24663c5075dd1e56026e20578a0d74568b3c762375

notepad.pw Open in urlscan Pro 151.139.128.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

97 Requests

100 %HTTPS

44 %IPv6

27 Domains

40 Subdomains

40 IPs

6 Countries

898 kBTransfer

2550 kBSize

10 Cookies

8 Outgoing links

Page URL History

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

notepad.pw Open in urlscan Pro
151.139.128.11 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

100 %
HTTPS

44 %
IPv6

27
Domains

40
Subdomains

40
IPs

6
Countries

898 kB
Transfer

2550 kB
Size

10
Cookies

97 HTTP transactions
2 data transactions